dotfiles/nixos/systems/blowhole/default.nix

74 lines
1.8 KiB
Nix
Raw Normal View History

# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
#
# SPDX-License-Identifier: LGPL-3.0-or-later
{ inputs, lib, config, ... }:
let
inherit (lib)
flip
mapAttrs
singleton;
config' = config;
in
{
flake.nixosConfigurations.blowhole = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
config' = config';
inputs' = inputs;
secret =
if builtins.pathExists "${inputs.secret}/default.nix" then
import inputs.secret { inherit lib; }
else
{};
};
modules = singleton
({ pkgs, config, ... }:
{
imports = [
./bind.nix
./consul.nix
./filesystems.nix
./firewall.nix
./grub.nix
./hardware.nix
./hostapd.nix
./ical2org.nix
./klipper.nix
./monitoring.nix
./nas.nix
./networking.nix
./nfs.nix
./nomad.nix
./uterranix.nix
./vault-agent.nix
./vault.nix
./watchdog.nix
./nixpkgs.nix
./users.nix
../../common/remote_access.nix
inputs.serokell-nix.nixosModules.acme-sh
config'.flake.nixosModules.hashicorp
config'.flake.nixosModules.hashicorp-envoy
config'.flake.nixosModules.telegraf
config'.flake.nixosModules.grafana
];
_module.args.nixinate = {
host = "blowhole.hosts.in.redalder.org";
sshUser = "main";
buildOn = "local";
substituteOnTarget = true;
hermetic = false;
nixOptions = [
"--override-input secret path://$HOME/dotfiles/secret"
];
};
system.stateVersion = "21.05";
});
};
}